terraspace_plugin_azurerm 0.3.3 → 0.5.1
- checksums.yaml +4 -4
- data/CHANGELOG.md +11 -0
- data/README.md +6 -0
- data/lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb +26 -0
- data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb +12 -12
- data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb +55 -19
- data/lib/terraspace_plugin_azurerm/interfaces/backend.rb +1 -1
- data/lib/terraspace_plugin_azurerm/interfaces/config.rb +25 -0
- data/lib/terraspace_plugin_azurerm/interfaces/helper/secret/fetcher.rb +6 -91
- data/lib/terraspace_plugin_azurerm/interfaces/helper/secret.rb +0 -1
- data/lib/terraspace_plugin_azurerm/interfaces/summary.rb +0 -1
- data/lib/terraspace_plugin_azurerm/version.rb +1 -1
- data/lib/terraspace_plugin_azurerm.rb +1 -0
- data/terraspace_plugin_azurerm.gemspec +2 -4
- metadata +5 -36
- data/lib/terraspace_plugin_azurerm/clients/options.rb +0 -51
- data/lib/terraspace_plugin_azurerm/clients/resources.rb +0 -17
- data/lib/terraspace_plugin_azurerm/clients/storage.rb +0 -28
- data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb +0 -29
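--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ec2e5dd19a2e9f8116982f180920250368a90bb19cba4ac99326a4da5af30c65
+data.tar.gz: 1e136803c90e204fcd657ffda15cf8a95b551011ad468f791baff0b80f18ac0d
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9df596602653194f78eb445ca051fe434b167c39b843b22f1ca2aef3a58e150ef8e2fc3556b3bc13a06733b15a0d82583d0913a5c413955c8301c4f1b9df0f87
+data.tar.gz: e8b3dc7c1dcd1bebcd3528f40d5948c0e9c5d772aa915fa81c31c32279ca07857d2efaa80e265e4bde79800eb2dd9c8ee5661a98d8fb118bcf07fce7ad53b2da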
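--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -3,6 +3,17 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/).
 
+## [0.5.1] - 2022-05-03
+- [#15](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/15) pascalCase
+
+## [0.5.0] - 2022-01-20
+- [#14](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/14) use armrest gem
+
+## [0.4.0] - 2022-01-05
+- [#11](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/11) fix tags config in README
+- [#13](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/13) data management and security features
+- [#8](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/8) Add config.tags
+
 ## [0.3.3] - 2022-01-04
 - [#10](https://github.com/boltops-tools/terraspace_plugin_azurerm/pull/10) azure_secret support expansion automatically
 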
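--- a/data/README.md
+++ b/data/README.md
@@ -1,5 +1,9 @@
 # Terraspace Azurerm Plugin
 
+[![BoltOps Badge](https://img.boltops.com/boltops/badges/boltops-badge.png)](https://www.boltops.com)
+
+[![Gem Version](https://badge.fury.io/rb/terraspace_plugin_azurerm.svg)](https://badge.fury.io/rb/terraspace_plugin_azurerm)
+
 Azurerm support for [terraspace](https://terraspace.cloud/).
 
 ## Installation
@@ -22,6 +26,8 @@ TerraspacePluginAzurerm.configure do |config|
 
 config.storage_account.sku.name = "Standard_LRS"
 config.storage_account.sku.tier = "Standard"
+
+config.tags = {env: Terraspace.env, terraspace: true}
 end
 ```
 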
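--- a/data/lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb
@@ -0,0 +1,26 @@
+class TerraspacePluginAzurerm::Interfaces::Backend
+class BlobContainer < Base
+def create
+if exist?
+logger.debug "Storage Blob Container #{@container_name} already exists"
+else
+create_blob_container
+end
+end
+
+def exist?
+blob_container.exist?(name: @container_name)
+end
+
+def create_blob_container
+logger.info "Creating Storage Blob Container #{@container_name}..."
+blob_container.create(name: @container_name)
+end
+
+private
+def blob_container
+Armrest::Services::BlobContainer.new(storage_account: @storage_account_name, group: @resource_group_name)
+end
+memoize :blob_container
+end
+end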
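Review bot: `create_blob_container` passes only `name:` to `blob_container.create`, so the container's public-access level is left to Armrest and the storage account; nothing in this file pins it. Since this container presumably holds the Terraform state for the backend, a comment above the call such as `# No publicAccess is set here; privacy relies on allowBlobPublicAccess=false on the storage account` would make that dependency explicit, and it matters for pre-existing accounts that the plugin does not update by default. The class also has no doc comment; `# Creates the backend blob container when it does not already exist` above `class BlobContainer` would be enough.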
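--- a/data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb
@@ -1,32 +1,32 @@
 class TerraspacePluginAzurerm::Interfaces::Backend
 # Named ResourceGroupCreator to avoid collision with Azure ResourceGroup model
 class ResourceGroupCreator < Base
-include TerraspacePluginAzurerm::Clients::Resources
-
 def create
 if exist?
 logger.debug "Resource Group #{@resource_group_name} already exists"
+create_or_update_resource_group if config.resource_group.update_existing
 else
-
+create_or_update_resource_group
 end
 end
 
 def exist?
-
+resource_group.check_existence(name: @resource_group_name)
 end
 
-def
+def create_or_update_resource_group
 logger.info "Creating Resource Group #{@resource_group_name}..."
-resource_group
-
-
-
+resource_group.create_or_update(
+name: @resource_group_name,
+location: config.location || AzureInfo.location,
+tags: config.tags,
+)
 end
 
 private
-def
-
+def resource_group
+Armrest::Services::ResourceGroup.new
 end
-memoize :
+memoize :resource_group
 end
 end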
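Review bot: `create_or_update_resource_group` always logs `Creating Resource Group ...`, even when it is reached from the `exist?` branch with `config.resource_group.update_existing` set, so the log records a creation for what is an update of location and tags on an existing group. `save_storage_account` in storage_account.rb already distinguishes the two cases; the equivalent here is `action = exist? ? "Updating" : "Creating"` followed by `logger.info "#{action} Resource Group #{@resource_group_name}..."`. The location fallback also uses the constant `AzureInfo.location` where the storage account code calls `azure_info.location`; using one form in both files would be easier to follow.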
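--- a/data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb
@@ -1,20 +1,20 @@
 class TerraspacePluginAzurerm::Interfaces::Backend
 class StorageAccount < Base
-include TerraspacePluginAzurerm::Clients::Storage
 extend Memoist
 
 def create
 if exist?
 logger.debug "Storage Account #{@storage_account_name} already exists"
+save_storage_account if config.storage_account.update_existing
+set_blob_service_properties if config.storage_account.configure_data_protection_for_existing
 else
-
+save_storage_account
+set_blob_service_properties
 end
 end
 
 def exist?
-
-params.name = @storage_account_name
-result = storage_accounts.check_name_availability(params)
+result = storage_account.check_name_availability(name: @storage_account_name)
 validate!(result)
 !result.name_available
 end
@@ -32,24 +32,60 @@ class TerraspacePluginAzurerm::Interfaces::Backend
 end
 end
 
-def
-
-
+def save_storage_account
+action = exist? ? "Updating" : "Creating"
+logger.info "#{action} Storage Account #{@storage_account_name}..."
+storage_account.create(
+name: @storage_account_name,
+location: config.location || azure_info.location, # IE: eastus
+sku: {
+name: config.storage_account.sku.name,
+tier: config.storage_account.sku.tier,
+},
+properties: {
+allowBlobPublicAccess: config.storage_account.allow_blob_public_access,
+},
+kind: "StorageV2",
+tags: config.tags,
+)
 end
 
-def
-
-params.location = config.location || azure_info.location # IE: eastus
-params.sku = sku
-params.kind = Kind::StorageV2
-params
+def set_blob_service_properties
+blob_service.set_properties(blob_service_properties)
 end
 
-def
-
-
-
-
+def blob_service_properties
+sa = config.storage_account
+container_delete_retention_policy = {
+days: sa.container_delete_retention_policy.days || sa.delete_retention_policy.days,
+enabled: sa.container_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
+}
+# blobs
+delete_retention_policy = {
+days: sa.blob_delete_retention_policy.days || sa.delete_retention_policy.days,
+enabled: sa.blob_delete_retention_policy.enabled || sa.delete_retention_policy.enabled,
+}
+# final props
+{
+containerDeleteRetentionPolicy: container_delete_retention_policy,
+deleteRetentionPolicy: delete_retention_policy,
+isVersioningEnabled: sa.is_versioning_enabled,
+}
+end
+
+private
+def storage_account
+Armrest::Services::StorageAccount.new(service_options)
+end
+memoize :storage_account
+
+def blob_service
+Armrest::Services::BlobService.new(service_options)
+end
+memoize :blob_service
+
+def service_options
+{ storage_account: @storage_account_name, group: @resource_group_name }
 end
 end
 end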
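Review bot: In `blob_service_properties` the `enabled:` fallbacks use `||`, so an explicit `false` on `blob_delete_retention_policy.enabled` or `container_delete_retention_policy.enabled` is handled like the unset `nil` and replaced by `delete_retention_policy.enabled` (default `true` in config.rb); the per-type override can switch retention on but never off, and the account ends up configured differently from what the operator wrote. Fall back only on nil, for example `enabled: sa.blob_delete_retention_policy.enabled.nil? ? sa.delete_retention_policy.enabled : sa.blob_delete_retention_policy.enabled,` and the same shape for the container policy. Separately, `save_storage_account` calls `exist?` again only to pick the log verb, which repeats the `check_name_availability` request that `create` has just made.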
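--- a/data/lib/terraspace_plugin_azurerm/interfaces/config.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/config.rb
@@ -13,14 +13,39 @@ module TerraspacePluginAzurerm::Interfaces
 # must return an ActiveSupport::OrderedOptions
 def defaults
 c = ActiveSupport::OrderedOptions.new
+
 c.auto_create = true
 c.location = nil # AzureInfo.location not assigned here so it can be lazily inferred
+
 c.secrets = ActiveSupport::OrderedOptions.new
 c.secrets.vault = nil
+
+c.resource_group = ActiveSupport::OrderedOptions.new
+c.resource_group.update_existing = false
+
 c.storage_account = ActiveSupport::OrderedOptions.new
+c.storage_account.update_existing = false
 c.storage_account.sku = ActiveSupport::OrderedOptions.new
 c.storage_account.sku.name = "Standard_LRS"
 c.storage_account.sku.tier = "Standard"
+c.storage_account.allow_blob_public_access = false # Azure default is true
+
+# data protection management
+c.storage_account.configure_data_protection_for_existing = false
+c.storage_account.delete_retention_policy = ActiveSupport::OrderedOptions.new
+c.storage_account.delete_retention_policy.days = 365
+c.storage_account.delete_retention_policy.enabled = true
+# overrides the setting above
+c.storage_account.blob_delete_retention_policy = ActiveSupport::OrderedOptions.new
+c.storage_account.blob_delete_retention_policy.days = nil
+c.storage_account.blob_delete_retention_policy.enabled = nil
+c.storage_account.container_delete_retention_policy = ActiveSupport::OrderedOptions.new
+c.storage_account.container_delete_retention_policy.days = nil
+c.storage_account.container_delete_retention_policy.enabled = nil
+c.storage_account.is_versioning_enabled = true
+
+c.tags = {}
+
 c
 end
 end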
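Review bot: The hardened values added in `defaults` (`allow_blob_public_access = false`, versioning, 365-day delete retention) reach an account only when the plugin creates it, because `update_existing` and `configure_data_protection_for_existing` both default to `false`; a backend account that already exists keeps its current settings, including the Azure public-access default the inline comment mentions. That is a sensible non-destructive default, but it should be stated next to the flags, e.g. `# false: existing accounts are left untouched, so the settings below apply to newly created accounts only`. The `# overrides the setting above` comment could also say that `nil` means "inherit from delete_retention_policy". The class enclosing `defaults` starts outside the hunk.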
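--- a/data/lib/terraspace_plugin_azurerm/interfaces/helper/secret/fetcher.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/helper/secret/fetcher.rb
@@ -7,15 +7,10 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
 class VaultNotConfiguredError < Error; end
 
 include TerraspacePluginAzurerm::Logging
-include TerraspacePluginAzurerm::Clients::Options
 extend Memoist
 
 def initialize(mod, options={})
 @mod, @options = mod, options
-o = base_client_options
-@client_id = o[:client_id]
-@client_secret = o[:client_secret]
-@tenant_id = o[:tenant_id]
 end
 
 def fetch(name, opts={})
@@ -25,42 +20,11 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
 
 def get_secret(name, options={})
 vault = options[:vault]
+check_vault_configured!(vault)
 version = options[:version]
-unless token
-return "ERROR: Unable to authorize and get the temporary token. Double check your ARM_ env variables."
-end
-
 version = "/#{version}" if version
-check_vault_configured!(vault)
-vault_subdomain = vault.downcase
-# Using Azure REST API since the old gem doesnt support secrets https://github.com/Azure/azure-sdk-for-ruby
-# https://docs.microsoft.com/en-us/rest/api/keyvault/getsecret/getsecret
 name = expansion(name) if expand?
-
-logger.debug "Azure vault url #{url}"
-uri = URI(url)
-req = Net::HTTP::Get.new(uri)
-req["Authorization"] = token
-req["Content-Type"] = "application/json"
-
-resp = nil
-begin
-resp = send_request(uri, req)
-rescue VaultNotFoundError
-message = "WARN: Vault not found #{vault}"
-logger.info message.color(:yellow)
-return message
-end
-
-case resp.code.to_s
-when /^2/
-data = JSON.load(resp.body)
-data['value']
-else
-message = standard_error_message(resp)
-logger.info "WARN: #{message}".color(:yellow)
-message
-end
+secret.show(name: name, vault: vault)
 end
 
 def check_vault_configured!(vault)
@@ -80,61 +44,12 @@ class TerraspacePluginAzurerm::Interfaces::Helper::Secret
 raise VaultNotConfiguredError.new
 end
 
-
-
-
-http.use_ssl = true if uri.scheme == 'https'
-
-begin
-http.request(req) # response
-rescue SocketError => e
-# SocketError: Failed to open TCP connection to MISSING-VAULT.vault.azure.net:443 (getaddrinfo: Name or service not known)
-if e.message.include?("vault.azure.net")
-raise VaultNotFoundError.new(e)
-else
-raise
-end
-end
-end
-
-# Secret error handling: 1. network 2. json parse 3. missing secret
-#
-# Azure API responses with decent error message when
-# 403 Forbidden - KeyVault Access Policy needs to be set up
-# 404 Not Found - Secret name is incorrect
-#
-def standard_error_message(resp)
-data = JSON.load(resp.body)
-data['error']['message']
-rescue JSON::ParserError
-resp.body
-end
-
-@@token = nil
-def token
-return @@token unless @@token.nil?
-url = "https://login.microsoftonline.com/#{@tenant_id}/oauth2/token"
-uri = URI(url)
-req = Net::HTTP::Get.new(uri)
-req.set_form_data(
-grant_type: "client_credentials",
-client_id: @client_id,
-client_secret: @client_secret,
-resource: "https://vault.azure.net",
-)
-resp = send_request(uri, req)
-data = JSON.load(resp.body)
-if resp.code =~ /^2/
-@@token = "Bearer #{data['access_token']}" if data
-else
-logger.info "WARN: #{data['error_description']}".color(:yellow)
-# return false otherwise error message is used as the bearer toke and get this error:
-# ArgumentError: header field value cannot include CR/LF
-@@token = false
-end
+private
+def secret
+Armrest::Services::KeyVault::Secret.new
 end
+memoize :secret
 
-private
 delegate :expansion, to: :expander
 def expander
 TerraspacePluginAzurerm::Interfaces::Expander.new(@mod)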
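Review bot: In `get_secret` the `version` option is still read and rewritten to `"/#{version}"`, but the new call `secret.show(name: name, vault: vault)` never receives it, so a caller that pins a secret version now appears to get whatever `show` returns by default (presumably the current version). If Armrest's `show` accepts a version, pass the raw option through, `secret.show(name: name, vault: vault, version: options[:version])`; otherwise drop the two dead `version` lines and document that pinning is not supported. The removed code turned authorization and HTTP failures into returned strings, so how a failed lookup surfaces now depends entirely on Armrest and deserves a comment on `get_secret`.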
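--- a/data/lib/terraspace_plugin_azurerm/interfaces/summary.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/summary.rb
@@ -3,7 +3,6 @@ require 'azure/storage/blob'
 module TerraspacePluginAzurerm::Interfaces
 class Summary
 include Terraspace::Plugin::Summary::Interface
-include TerraspacePluginAzurerm::Clients::Storage # for mgmt storage_accounts to get keys only, the azure/storage/blob gem is used to get the objects
 extend Memoist
 
 # interface method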
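--- a/data/terraspace_plugin_azurerm.gemspec
+++ b/data/terraspace_plugin_azurerm.gemspec
@@ -22,10 +22,8 @@ Gem::Specification.new do |spec|
 spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
 spec.require_paths = ["lib"]
 
-spec.add_dependency "
-spec.add_dependency "azure_info"
-spec.add_dependency "azure_mgmt_resources"
-spec.add_dependency "azure_mgmt_storage"
+spec.add_dependency "armrest"
+spec.add_dependency "azure_info"
 spec.add_dependency "memoist"
 spec.add_dependency "zeitwerk"
 end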
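Review bot: `spec.add_dependency "armrest"` is added with no version constraint, and the metadata section shows the `azure_info` requirement going from `~> 0.1.2` to `>= 0` as well. armrest appears to take over credential handling and the Key Vault reads that this plugin used to do itself, so any later release of it, whether breaking or tampered with, is resolved on a fresh install. A pessimistic constraint such as `spec.add_dependency "armrest", "~> <TESTED_VERSION>"` (placeholder: the version this release was tested against) would bound that. The `Gem::Specification` block starts above the hunk.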
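--- a/metadata
+++ b/metadata
@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: terraspace_plugin_azurerm
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.5.1
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-
+date: 2022-05-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-name:
+name: armrest
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -26,34 +26,6 @@ dependencies:
 version: '0'
 - !ruby/object:Gem::Dependency
 name: azure_info
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 0.1.2
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 0.1.2
-- !ruby/object:Gem::Dependency
-name: azure_mgmt_resources
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: '0'
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: '0'
-- !ruby/object:Gem::Dependency
-name: azure_mgmt_storage
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -141,14 +113,11 @@ files:
 - lib/templates/test/rspec/project/spec/stacks/demo/main_spec.rb
 - lib/terraspace_plugin_azurerm.rb
 - lib/terraspace_plugin_azurerm/autoloader.rb
-- lib/terraspace_plugin_azurerm/clients/options.rb
-- lib/terraspace_plugin_azurerm/clients/resources.rb
-- lib/terraspace_plugin_azurerm/clients/storage.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/base.rb
+- lib/terraspace_plugin_azurerm/interfaces/backend/blob_container.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/resource_group_creator.rb
 - lib/terraspace_plugin_azurerm/interfaces/backend/storage_account.rb
-- lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb
 - lib/terraspace_plugin_azurerm/interfaces/config.rb
 - lib/terraspace_plugin_azurerm/interfaces/expander.rb
 - lib/terraspace_plugin_azurerm/interfaces/helper.rb
@@ -179,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.3.12
 signing_key:
 specification_version: 4
 summary: Terraspace Azurerm Cloud Plugin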
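--- a/data/lib/terraspace_plugin_azurerm/clients/options.rb
+++ b/data/lib/terraspace_plugin_azurerm/clients/options.rb
@@ -1,51 +0,0 @@
-module TerraspacePluginAzurerm::Clients
-module Options
-extend Memoist
-
-def client_options
-o = base_client_options
-o[:credentials] = credentials
-o
-end
-
-def credentials
-o = base_client_options
-provider = MsRestAzure::ApplicationTokenProvider.new(o[:tenant_id], o[:client_id], o[:client_secret])
-MsRest::TokenCredentials.new(provider)
-end
-
-def base_client_options
-# AZURE_* is used by ruby generally.
-# ARM_* is used by Terraform azurerm provider: https://www.terraform.io/docs/providers/azurerm/index.html
-# Favor ARM_ because this plugin is designed for Terraspace.
-client_id = ENV['ARM_CLIENT_ID'] || ENV['AZURE_CLIENT_ID']
-client_secret = ENV['ARM_CLIENT_SECRET'] || ENV['AZURE_CLIENT_SECRET']
-subscription_id = ENV['ARM_SUBSCRIPTION_ID'] || ENV['AZURE_SUBSCRIPTION_ID'] || AzureInfo.subscription_id
-tenant_id = ENV['ARM_TENANT_ID'] || ENV['AZURE_TENANT_ID'] || AzureInfo.tenant_id
-
-o = {
-tenant_id: tenant_id,
-client_id: client_id,
-client_secret: client_secret,
-subscription_id: subscription_id,
-}
-validate_base_options!(o)
-o
-end
-memoize :base_client_options
-
-def validate_base_options!(options)
-vars = []
-options.each do |k,v|
-vars << "ARM_#{k}".upcase if v.nil?
-end
-return if vars.empty?
-
-logger.error "ERROR: Required Azure env variables missing. Please set these env variables:".color(:red)
-vars.each do |var|
-logger.error " #{var}"
-end
-exit 1
-end
-end
-end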
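--- a/data/lib/terraspace_plugin_azurerm/clients/resources.rb
+++ b/data/lib/terraspace_plugin_azurerm/clients/resources.rb
@@ -1,17 +0,0 @@
-require 'azure_mgmt_resources'
-
-module TerraspacePluginAzurerm::Clients
-module Resources
-include Options
-extend Memoist
-
-# Include SDK modules to ease access to Resources classes.
-include Azure::Resources::Profiles::Latest::Mgmt
-include Azure::Resources::Profiles::Latest::Mgmt::Models
-
-def mgmt
-Client.new(client_options)
-end
-memoize :mgmt
-end
-end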
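--- a/data/lib/terraspace_plugin_azurerm/clients/storage.rb
+++ b/data/lib/terraspace_plugin_azurerm/clients/storage.rb
@@ -1,28 +0,0 @@
-require "azure_mgmt_storage"
-
-module TerraspacePluginAzurerm::Clients
-module Storage
-include Options
-extend Memoist
-
-# Include SDK modules to ease access to Storage classes.
-include Azure::Storage::Mgmt::V2019_06_01
-include Azure::Storage::Mgmt::V2019_06_01::Models
-
-def storage_accounts
-mgmt.storage_accounts
-end
-
-def blob_containers
-BlobContainers.new(mgmt)
-end
-memoize :blob_containers
-
-def mgmt
-client = StorageManagementClient.new(credentials)
-client.subscription_id = client_options[:subscription_id]
-client
-end
-memoize :mgmt
-end
-end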
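--- a/data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb
+++ b/data/lib/terraspace_plugin_azurerm/interfaces/backend/storage_container.rb
@@ -1,29 +0,0 @@
-class TerraspacePluginAzurerm::Interfaces::Backend
-class StorageContainer < Base
-include TerraspacePluginAzurerm::Clients::Storage
-
-def create
-if exist?
-logger.debug "Storage Container #{@container_name} already exists"
-else
-create_storage_container
-end
-end
-
-def exist?
-begin
-blob_containers.get(@resource_group_name, @storage_account_name, @container_name)
-true
-rescue MsRestAzure::AzureOperationError => e
-e.message.include?("The specified container does not exist") ? false : raise
-end
-end
-
-def create_storage_container
-logger.info "Creating Storage Container #{@container_name}..."
-blob_container = BlobContainer.new
-blob_container.name = @container_name
-blob_containers.create(@resource_group_name, @storage_account_name, @container_name, blob_container)
-end
-end
-end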